CVE-2007-0002
Published: 16 March 2007
Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466.
Priority
Status
Package | Release | Status |
---|---|---|
libwpd Launchpad, Ubuntu, Debian |
dapper |
Released
(0.8.4-2ubuntu0.1)
|
edgy |
Released
(0.8.6-1ubuntu0.1)
|
|
feisty |
Released
(0.8.9-1)
|
|
upstream |
Needs triage
|
|
openoffice.org Launchpad, Ubuntu, Debian |
dapper |
Released
(2.0.2-2ubuntu12.4)
|
edgy |
Released
(2.0.4-0ubuntu6)
|
|
feisty |
Released
(2.2.0-1ubuntu4)
|
|
upstream |
Needs triage
|
|
openoffice.org-amd64 Launchpad, Ubuntu, Debian |
dapper |
Released
(2.0.2-2ubuntu12.4-1)
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
openoffice.org-l10n Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Released
(2.2.0-0ubuntu2)
|
|
upstream |
Needs triage
|